package com.ht.modules.authentication.config;

import com.gexin.fastjson.JSON;
import com.ht.modules.ai.app.entity.AppInfo;
import com.ht.modules.ai.app.service.IAppInfoService;
import com.ht.modules.ai.company.entity.Company;
import com.ht.modules.ai.company.service.ICompanyService;
import com.ht.modules.authentication.utils.AesUtil;
import com.ht.modules.authentication.utils.JwtUtil;
import com.ht.modules.authentication.utils.Md5Util;
import com.ht.modules.authentication.utils.RsaUtil;
import com.ht.modules.authentication.vo.TokenVo;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.jeecgframework.core.util.ApplicationContextUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

/**
 * 权限拦截器
 *
 * @author gaozhihua
 */
@Component
@Slf4j
public class AuthInterceptor implements HandlerInterceptor {
    @Autowired
    private JwtUtil jwtUtil;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
        try {
            String accessToken = request.getHeader("Access-Token");
            String accessSign = request.getHeader("Access-Sign");
            String companyId = request.getHeader("Company-Id");
            String appId = request.getHeader("App-Id");
            ICompanyService companyService = ApplicationContextUtil.getContext().getBean(ICompanyService.class);
            IAppInfoService appInfoService = ApplicationContextUtil.getContext().getBean(IAppInfoService.class);
            Company company = companyService.queryById(Integer.valueOf(companyId));
            if (null == company) {
                return false;
            }
            AppInfo appInfo = appInfoService.queryById(Integer.valueOf(appId));
            if (null == appInfo) {
                return false;
            }
            String privateKey = company.getPrivateKey();
            String accessKey = appInfo.getAccessKey();
            String sign = RsaUtil.decryptByPrivateKey(accessSign, privateKey, RsaUtil.Mode.PRIVATE_DECRYPT);
            String encrypt = AesUtil.encrypt(company.getCode() + "_" + appId, accessKey);
            String md5Encode = Md5Util.MD5Encode(encrypt, "UTF-8");
            if (sign.equals(md5Encode)) {
                return true;
            }
            TokenVo tokenVo = new TokenVo();
            tokenVo.setCompanyId(company.getId());
            tokenVo.setCompanyCode(company.getCode());
            tokenVo.setAppId(appInfo.getId());
            tokenVo.setAppSecret(null);
            tokenVo.setSign(null);
            tokenVo.setToken(null);
            tokenVo.setTimestamp(null);
            String infoJson = JSON.toJSONString(tokenVo);
            return jwtUtil.verify(accessToken, sign, infoJson, accessKey);
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            return false;
        }
    }

    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) {
    }

    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception ex) {
    }
}
